Switch:

background

MCERT

Threat Alerts

CVE-2016-10956 (mail-masta)

16th September 2019 - 20:29

The mail-masta plugin 1.0 for WordPress has local file inclusion in count_of_send.php and csvexport.php. Link: https://web.nvd.nist.gov/view/vuln/... Read more

CVE-2016-10961 (colorway)

16th September 2019 - 20:29

The colorway theme before 3.4.2 for WordPress has XSS via the contactName parameter. Link: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-20... Read more

CVE-2016-10969 (supportflow)

16th September 2019 - 20:29

The supportflow plugin before 0.7 for WordPress has XSS via a discussion ticket title. Link: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-... Read more

CVE-2016-10970 (supportflow)

16th September 2019 - 20:29

The supportflow plugin before 0.7 for WordPress has XSS via a ticket excerpt. Link: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1097... Read more

CVE-2016-10973 (brafton)

16th September 2019 - 20:29

The Brafton plugin before 3.4.8 for WordPress has XSS via the wp-admin/admin.php?page=BraftonArticleLoader tab parameter to BraftonAdminPage.php.... Read more